Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/ieAdYhfL7YWN2SLS2f9hqBVZtZM.roa
File: ieAdYhfL7YWN2SLS2f9hqBVZtZM.roa (raw, json)
Hash identifier: hG5CDDVlPm8IgOCRW9955aYuwC+jVZMftA53gP484x8=
Subject key identifier: 89:E0:1D:62:17:CB:ED:85:8D:D9:22:D2:D9:FF:61:A8:15:59:B5:93
Certificate issuer: /CN=50480549481968d43406127653f780abbf9a117b
Certificate serial: 0194274861FC681AC114E4CB65A9085E03D9
Authority key identifier: 50:48:05:49:48:19:68:D4:34:06:12:76:53:F7:80:AB:BF:9A:11:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UEgFSUgZaNQ0BhJ2U_eAq7-aEXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/ieAdYhfL7YWN2SLS2f9hqBVZtZM.roa
Signing time: Thu 02 Jan 2025 13:50:42 +0000
ROA not before: Thu 02 Jan 2025 13:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34971
IP address blocks: 185.136.176.0/22 maxlen: 24
185.136.176.0/24 maxlen: 24
185.136.177.0/24 maxlen: 24
2a06:fdc0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:61:fc:68:1a:c1:14:e4:cb:65:a9:08:5e:03:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50480549481968d43406127653f780abbf9a117b
Validity
Not Before: Jan 2 13:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89e01d6217cbed858dd922d2d9ff61a81559b593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:bf:3f:54:95:ff:a1:15:08:81:e6:02:d0:
ec:33:3f:6f:76:4d:ac:d9:fe:6a:ce:0a:2b:79:2f:
d0:7c:f1:02:88:1d:d8:37:3a:14:d2:22:ff:80:e9:
e8:4b:d8:56:58:11:30:e9:a4:70:64:9e:d0:b9:f4:
79:5f:83:d4:6b:00:a8:50:eb:02:29:3a:c1:0f:d5:
0d:61:bd:29:e2:09:18:9d:6d:55:b6:b9:4f:e3:23:
03:09:d9:df:fa:44:ee:26:1e:58:d2:1a:c5:ff:53:
ec:22:d9:d7:fb:ff:9d:00:01:52:59:ad:ac:26:81:
82:69:a1:7d:8b:2f:d5:c9:31:1c:99:89:d7:a0:36:
86:3b:6c:f1:30:b4:cf:fa:8e:50:d3:74:23:66:75:
d7:ee:3c:d4:96:5a:74:2b:2d:90:5e:6b:22:30:65:
38:1a:6d:f3:4c:85:00:b8:d0:e3:35:58:a0:40:18:
d8:8f:31:d1:79:49:87:6e:8c:39:e5:2a:50:ff:41:
c7:a3:5f:bb:5a:be:66:16:46:50:d3:7e:20:70:3f:
89:5c:a3:aa:31:c4:2e:69:23:c7:91:f0:49:88:41:
05:9d:50:1b:2c:a9:79:18:95:70:0e:16:97:f6:16:
dc:af:e6:f2:7e:bd:a0:e8:ca:37:b1:0c:6b:29:21:
14:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E0:1D:62:17:CB:ED:85:8D:D9:22:D2:D9:FF:61:A8:15:59:B5:93
X509v3 Authority Key Identifier:
keyid:50:48:05:49:48:19:68:D4:34:06:12:76:53:F7:80:AB:BF:9A:11:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEgFSUgZaNQ0BhJ2U_eAq7-aEXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/ieAdYhfL7YWN2SLS2f9hqBVZtZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/UEgFSUgZaNQ0BhJ2U_eAq7-aEXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.176.0/22
IPv6:
2a06:fdc0::/32
Signature Algorithm: sha256WithRSAEncryption
87:27:78:1c:3f:12:6a:fa:de:c3:3a:78:ea:cd:f8:b6:ad:a7:
17:f3:cf:18:1b:c6:34:33:42:c8:6f:69:fb:09:73:db:0b:c7:
2f:9d:17:d7:22:73:91:1e:1c:37:42:40:13:19:74:74:85:78:
12:af:1d:7f:2b:d6:c9:9f:48:d7:a5:81:0b:ad:ae:c1:de:c2:
07:ea:5d:22:41:28:4c:67:d5:1a:c2:b9:e7:46:65:7e:4c:cf:
3a:08:2d:c1:3d:5b:d1:55:e4:81:18:31:3b:bc:92:9a:20:13:
f2:e4:3a:32:21:e8:ee:d4:e5:af:d6:73:74:88:63:fe:5f:e8:
dd:19:5a:02:b1:de:e9:65:c8:6a:3c:fc:90:67:2e:4c:3e:b4:
ba:5f:f2:2a:c0:2a:5d:89:43:80:9d:9b:a1:96:a7:2a:37:08:
f4:69:4c:62:eb:e0:c2:b7:82:c6:e5:e3:0f:38:61:36:c2:99:
9c:01:15:d5:a8:c5:25:f0:9d:74:d7:9a:d2:94:4f:cd:e3:a4:
47:5e:9c:8f:04:66:4a:7b:08:54:6c:0a:8a:5c:69:e3:5c:22:
00:74:1c:fa:c6:16:7f:bc:65:63:7b:89:21:c6:60:a2:5d:cb:
93:e1:3b:45:03:4f:e4:76:02:cb:0f:bf:f7:f9:04:11:53:4d:
23:69:10:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSGH8aBrBFOTLZakIXgPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNDgwNTQ5NDgxOTY4ZDQzNDA2MTI3NjUzZjc4MGFiYmY5
YTExN2IwHhcNMjUwMTAyMTM1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWUwMWQ2MjE3Y2JlZDg1OGRkOTIyZDJkOWZmNjFhODE1NTliNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJO/P1SV/6EVCIHmAtDsMz9vdk2s
2f5qzgoreS/QfPECiB3YNzoU0iL/gOnoS9hWWBEw6aRwZJ7QufR5X4PUawCoUOsC
KTrBD9UNYb0p4gkYnW1VtrlP4yMDCdnf+kTuJh5Y0hrF/1PsItnX+/+dAAFSWa2s
JoGCaaF9iy/VyTEcmYnXoDaGO2zxMLTP+o5Q03QjZnXX7jzUllp0Ky2QXmsiMGU4
Gm3zTIUAuNDjNVigQBjYjzHReUmHbow55SpQ/0HHo1+7Wr5mFkZQ034gcD+JXKOq
McQuaSPHkfBJiEEFnVAbLKl5GJVwDhaX9hbcr+byfr2g6Mo3sQxrKSEUnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIngHWIXy+2Fjdki0tn/YagVWbWTMB8GA1UdIwQY
MBaAFFBIBUlIGWjUNAYSdlP3gKu/mhF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUVnRlNVZ1phTlEwQmhKMlVfZUFxNy1hRVhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMzg3NjctMmZjNS00YzUwLWEyN2Yt
NzQyOWIyMjc3MmMzLzEvaWVBZFloZkw3WVdOMlNMUzJmOWhxQlZadFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMzg3NjctMmZjNS00YzUwLWEyN2YtNzQyOWIyMjc3MmMz
LzEvVUVnRlNVZ1phTlEwQmhKMlVfZUFxNy1hRVhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYiwMA0E
AgACMAcDBQAqBv3AMA0GCSqGSIb3DQEBCwUAA4IBAQCHJ3gcPxJq+t7DOnjqzfi2
racX888YG8Y0M0LIb2n7CXPbC8cvnRfXInORHhw3QkATGXR0hXgSrx1/K9bJn0jX
pYELra7B3sIH6l0iQShMZ9UawrnnRmV+TM86CC3BPVvRVeSBGDE7vJKaIBPy5Doy
Ieju1OWv1nN0iGP+X+jdGVoCsd7pZchqPPyQZy5MPrS6X/IqwCpdiUOAnZuhlqcq
Nwj0aUxi6+DCt4LG5eMPOGE2wpmcARXVqMUl8J1015rSlE/N46RHXpyPBGZKewhU
bAqKXGnjXCIAdBz6xhZ/vGVje4khxmCiXcuT4TtFA0/kdgLLD7/3+QQRU00jaRBP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:15 2025 by rpki-client on console.sobornost.net